# Scheduled tasks, PowerShell’s -file parameter, and array values

I wrote a script that accepts a comma-separated list of values, and the script worked just fine from the command-line. However, when I tried to configure a scheduled task to run the script, it always failed.

Why? Well, I started a cmd.exe session and then launched the script in the same way that the scheduled task did, using PowerShell’s -file parameter. And when I did that, the error message that I emit from the script showed me that the list was being parsed as a single string argument.

To confirm and experiment, I wrote a short little test script:

<# Cast-WizardSpell.ps1
.SYNOPSIS
Simple script to test parameter parsing when using -file invocation e.g.:
powershell.exe -file .\Cast-WizardSpell -Spell 'Light','Magic Missile'
#>
[cmdletbinding()]
param(
[Parameter(Mandatory=$True,ValueFromPipeline=$True)]
[string[]]
$Spells ) process { foreach ($spell in $spells ) { "Casting$spell"
}
}


When run from within a PowerShell session, it works as expected:


PS C:\> .\Cast-WizardSpell.ps1 -SpellList 'Ray of Frost','Light','Detect Magic'
Casting Ray of Frost
Casting Light
Casting Detect Magic


When invoked using the PowerShell -file parameter, the comma-separated list is parsed as a single parameter (note: cmd.exe doesn’t like single quotes):


C:\>powershell -file .\Cast-WizardSpell.ps1 -SpellList "Ray of Frost","Light","Detect Magic"
Casting Ray of Frost,Light,Detect Magic

# Trying explicit array syntax, but no luck

C:\>powershell -file .\Cast-WizardSpell.ps1 -SpellList @("Ray of Frost","Light","Detect Magic")
Casting @(Ray of Frost,Light,Detect Magic)



What does work is to use the old-style -command syntax:


C:\>powershell -command "& .\Cast-WizardSpell.ps1 -SpellList 'Ray of Frost','Light','Detect Magic'"
Casting Ray of Frost
Casting Light
Casting Detect Magic



Alternatively, one can adjust the parameter syntax, adding the ValueFromRemainingArguments attribute. However, for this to work, you can’t specifiy the parameter name.


C:\>powershell -file .\Cast-WizardSpell.ps1  "Ray of Frost" "Light" "Detect Magic"
Casting Ray of Frost
Casting Light
Casting Detect Magic

C:\local\scripts>powershell -file .\Cast-WizardSpell.ps1 -SpellList "Ray of Frost" "Light" "Detect Magic"
C:\local\scripts\Cast-WizardSpell.ps1 : A positional parameter cannot be found that accepts argument 'Light'.
+ CategoryInfo          : InvalidArgument: (:) [Cast-WizardSpell.ps1], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Cast-WizardSpell.ps1



I’m not thrilled with either of these options, because some person like me may come along and, in an effort to be helpful, may twiddle the command line, thinking we’re normalizing or updating the syntax, when we’re really breaking things. However, I think using the -Command invocation is the least surprising, most consistent implementation. I’ll just make notes in the script help and in the description of the scheduled task about the reason I’ve used that method.

I think I’m not alone in finding the Service Control Manager logs so many informational events as to make it hard to read the important events in the System Event logs on modern Windows systems.

I’ve used custom XPath queries of Event logs before, and decided to define a Custom view of the System event log that suppresses the events generated by the Service Control Manager that are in the Informational or Verbose catergories. Here’s the XML that defines this custom view:


<QueryList>
<Query Id="0" Path="System">
<Select Path="System">*</Select>
<Suppress Path="System">*[System[Provider[@Name='Service Control Manager']
and (Level=4 or Level=0 or Level=5)]]</Suppress>
</Query>
</QueryList>



References:

# Renaming directories with invalid names

Somehow, a client managed to create several directories with names that ended with a period. However, File Explorer and other tools (i.e., backup) are unable to access the folder contents, getting an error that usually is interpreted as “The system cannot find the file specified.”

According to KB2829981, the Win32_API is supposed to remove trailing space and period characters. KB320081 has some helpful suggestions, and also indicates that some techniques allow programs to bypass the filename validation checks, and some POSIX tools are not subject to these checks.

I found that I was able to delete these problem folders by using rmdir /q /s “\\?\J:\path\to\bad\folder.” But I wanted to rename the folders in order to preserve any content. After flailing about for a while, including attempts to modify the folders using a MacOS Client and a third-party SSH service on the host, I was prodded by my colleague Greg to look at Robocopy.

1. I enabled 8dot3 file name creation on a separate recovery volume (I didn’t want to do so on the multi-terabyte source volume)
2. Using robocopy, I duplicated the parent folder containing the invalid folder names to the recovery volume, resulting in the creation of 8dot3 names for all the folders
3. I listed the 8dot3 names of the problem folders with dir /x
4. The rename command with the short name as a source and a valid new name

This fixed the folders, and let me access their contents. I then deleted the invalid folders from the source and copied the renamed folders into place.

It seems like a simple process, but I managed to waste most of a morning figuring this out. Hopefully, this may save someone else some time.

# Remote Desktop Gateway

In order to connect to the Remote Desktop service on centrally managed servers from off campus, as well as some more sensitive servers from on campus, you need to use the Remote Desktop Gateway feature.

For the current Remote Desktop Client on Windows, you can configure this option by going to the Advanced Options tab, and then click the Settings button.

On the RD Gateway Server Settings window that open, select the second option, Use these RD Gateway server settings. The server name is rdgateway.uvm.edu, and chose the Ask for password option.

Click OK, and you should be able to connect using the RD Gateway service. For more information about RD Gateway, see What is a Remote Desktop Gateway server?

# Who’s logged into Server 2012?

I’m severely disappointed that Microsoft has removed from Server 2012 the tools required for managing and configuring Remote Desktop for Administration. On previous server editions, I’ve used the Remote Desktop Services Manager to troubleshoot colleagues and delegated administrators’ access issues. We’ve also had situations where the SSL certificate used to identify the server and to encrypt traffic has expired and needed some intervention.

Some discussion on Mark Minasi’s support forum indicates that some of this functionality is returning in Server 2012 R2. In the meantime, and until all our servers get upgraded, I’ll be using a combination of the Task Manager (which shows user sessions),

Displaying user logon sessions in Server 2012 Task manager

and Process Explorer, which can show the username and start time for process.

# VSS diagnostics

For the past eight month, I’ve been working with EMC and Microsoft to diagnose a problem. Several time a month, during the backup of our primary Windows 2008 R2 file server, all the VSS shadow copies get deleted for the volume containing all our shared departmental directories.

This has two major effects. First, it means that our clients no longer can recover files using the Previous Versions feature of Windows. Second, it casts significant doubt on the validity of the backups performed at that time, which EMC NetWorker reports as having completed successfully.

We have been unable to find a technical solution to the shadow copy loss, so we will be reconfiguring our storage and shared directories to accommodate the limitations of NetWorker. In the meantime, I want to note a few of resources that have been helpful in diagnosing problems with VSS (it will be easier to find them here than in my pile o’ email):

Registry Keys and Values for Backup and Restore

How to enable the Volume Shadow Copy service’s debug tracing features in Microsoft Windows Server 2003 and Windows 2008

Using Tracing Tools with VSS

# Custom event log queries

I really like the newer event log model on Windows 2008 family, and the flexibility of the XML events and the queries that makes possible.

Recently, I started noticing a quiet failure of a scheduled task. The Task Scheduler thinks that the task completed successfully, though the executable called by the task action returned an error code of 3:

I wanted to see how long this have been going on, so I switched from the Task Scheduler console to Eventlog Viewer, and navigated to the Operational log under “Applications and Services Logs”- Microsoft – Windows – TaskScheduler.

I started by using the using the Filter Current log dialog to select events with Event ID 201, but this included all “Action completed” events for all tasks. So I looked at the XML view for one of the events for the task I was researching. The event includes a data value named “ActionName” with the value “diskshadow.exe” that should allow me to find all the relevant events.

Next, I needed to refine my filter to look for this value in the events. I opened the Filter Current log dialog again, and switched to the XML tab, then checked the Edit query manually option. You get a scary warning about not being able to use the GUI again, but that only applies to the current filter. Be bold: click OK.

Next, I edited the query, following examples from this excellent Ask the Directory Services Team blog post. The query is junk the between the select tags. Originally, the query was simply:

*[System[(EventID=201)]]

To that, I added the following:

and

So that the whole query looks like this:

<QueryList>
*[System[(EventID=201)]]
and
</Select>
</Query>
</QueryList>


Now event viewer shows me only the “Action Completed” events for the diskshadow.exe command, and I can see exactly when the behavior changed.

Note that you can save use the query XML with PowerShell’s Get-WinEvent commandlet’s -filterXML parameter [See an example]. You can also use the Save Filter to Custom View option to make this view persistent.

I routinely review Windows’ Event logs during diagnostics and troubleshooting. I find the ability to query those logs for specific data is an indispensable technique. No more dumping to CSV and running findstr! I hope you find it helpful, too.

We use EMC NetWorker for our enterprise backup solution. Since we migrated our primary file server from a NetApp filer to a native Windows server, we’ve been having a recurring problem with all the Shadow Copies for a volume getting deleted. There are strong indications that the problem is related to the NetWorker backups.

As we have been working on this issue with EMC (since the first week in January!), I wrote a script to tell me two things each morning; how many snapshots exist for each volume, and what VSS errors were logged, if any.

I thought someone might find it useful, so I’ve posted it as a separate page (the script doesn’t fit nicely in the column on the blog).

PowerShell Script: chksnap.ps1